Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Did you find any of the other security programs installed ? Which one did you keep ?

Zain ego is my ISP.I use mobile broadband so it is my 3g usb modem software without which i cant use mobile broadband ie No internet.Combo fix did delete it since my 3g usb was not connected at that time .So i had to reinstall it.So do i have to quarantine it!!!!. Please advice.

This was a false positive from ComboFix, The zain program is ok and can stay But still run the CFscript from the last post and copy and paste the log in your next reply.

tcip.sys was not found on my system when i tried to upload it onto virus totalIt said "File not found".

I will advise you of how to do it a different way below.

My comodo firewall keeps stopping a connection from "System". should i be worried. Pls advice

Could you note down any files and file paths of which files are being blocked and post then in your next reply ?

Step 1Set Your Computer to Show All Files/Folders.

Click Start.

Open Computer.

Press the ALT key.

Select the Tools menu and click Folder Options.

Select the View Tab.

Under the Hidden files and folders heading select Show hidden files and folders.

4) I currently have no Antivirus system installed on my Pc other than Malwarebytes5) I have no info about ''System'' Since my Comodo firewall only tells me that it is an out going connection and it is blocked.Should I be worried because each time I start my Internet I can see it getting blocked.

ThenUpdate and run a "full scan" with Malwarebytes and post back the resulting logfile.

Then

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

First please Disable any Antivirus you have active, as shown in This topic.

Note: Don't forget to re-enable it after the scan.

Next hold down Control then click on the following link to open a new window to ESET online scannner

Select the option YES, I accept the Terms of Use then click on Start.

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

When prompted allow the Add-On/Active X to install.

Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

Now click on Advanced Settings and select the following:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Now click on Start.

The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the Online Scan will begin automatically.

Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

Now click on Finish.

Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

Copy and paste that log as a reply to this topic.

In your next reply please include:If you were susucessful installing an AV and athe rusults of a scan.The Malwarebytes log.The eset log.Any outstanding problems you are havingAlso can you note down the exact message that Comodo is giving you and post it here for me.

3) Please advice on how to remove the viruses found by eset scanner(Permanently delete them).4)Do i need Window updates?If yes then how do i do it because last time it installed updates and then reverted it back while booting

I SCANNED MY COMPUTER USING AVG IT DETECTED THE VIRUSES IN FRST QUARINTINE AND TRACKING COOKIESI DELETED ALL TRACKING COOKIES AND LEFT THE QUARTINED VIRUSES ALONE

Problem 1:I cant do any windows updates.When i try to update it says "Some updates not installed 55 important updates selected and 55 updates failed'error found:Code 80246008solution:Tried using Microsoft's Fix it tool(for fixing updates).It said it couldn't fix it.Time updates started failing:Immediately after infection

Problem 2: Comodo only only only only shows this message 2200 intrusions from FirewallApplication Action Protocol Souce Ip Source Destination Ip Destination Date[color=#800000] System Blocked UDP 10.180.236.176 137 10.180.236.191 137I am not sure whether it had blocked it or whether it had asked me and i got suspicious and blocked hit

Dont worry about what eset and AVG have found, Whats in FRST quarantine is safe, the other eset entries are no threat to you and can be removed by following the link below. Also the Tracking Cookies that AVG found are safe http://support.mozilla.org/en-US/kb/cle ... fix-issues

I tried to do the microsoft website solution but i couldn't do the first solution

Solution1:Check whether BITS service is set to automatic and started.I coudn't find BITS listed in services.It was not there at all.

Farbar scan log

============

System Restore Disabled Policy: ========================

Action Center:============

Windows Update:============BITS Service is not running. Checking service configuration:Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.The ImagePath of BITS service is OK.The ServiceDll of BITS service is OK.

Windows Autoupdate Disabled Policy: ============================

Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is set to Demand. The default start type is Auto.The ImagePath of WinDefend service is OK.The ServiceDll of WinDefend service is OK.

sharedaccess Service is not running. Checking service configuration:The start type of sharedaccess service is set to AutoThe ImagePath of sharedaccess service is OK.The ServiceDll of sharedaccess service is OK.

Step 4Delete you current copy of ComboFix and download a fresh copy from here

ComboFix - CFScriptThis script is for this user and computer ONLY! Using this tool incorrectly could cause problems with your operating system... preventing it from ever starting again!You will not have Internet access when you execute ComboFix. All open windows will need to be closed!

Please open Notepad and copy/paste all the text below... into the window:

Please disable any Antivirus or Firewall you have active, as shown in this topic. Please close all open application windows.*Only* when the 2 items above (Step 3) have been taken care of...

Drag the CFScript.txt (icon) into the ComboFix.exe icon... as seen in the image below:This will cause ComboFix to run again.Do Not use your keyboard or mouse click anywhere in the ComboFix window, as this may cause the program to stall or crash.Do Not touch your computer when ComboFix is running!

When finished ComboFix will create a log file... you can save this file to a convenient place.

Please copy/paste the ComboFix log file in your next reply.

In your next reply please include:If you managed to get the Updates.The FSS log.The ComboFix logfile.Any problems you had with my instructions.

Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo IP is accessible.Yahoo.com is accessible.

Windows Firewall:=============

Firewall Disabled Policy: ==================

System Restore:============

System Restore Disabled Policy: ========================

Action Center:============

Windows Update:============

Windows Autoupdate Disabled Policy: ============================

Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is set to Demand. The default start type is Auto.The ImagePath of WinDefend service is OK.The ServiceDll of WinDefend service is OK.

sharedaccess Service is not running. Checking service configuration:The start type of sharedaccess service is set to AutoThe ImagePath of sharedaccess service is OK.The ServiceDll of sharedaccess service is OK.

Hi neil The first time you were infected was more than lightly the P2P use but the second time was from downloading "hitman blood money" from gameshadow. You should be more careful where you download your games from.

ComboFix - CFScriptThis script is for this user and computer ONLY! Using this tool incorrectly could cause problems with your operating system... preventing it from ever starting again!You will not have Internet access when you execute ComboFix. All open windows will need to be closed!

Please open Notepad and copy/paste all the text below... into the window:

Please disable any Antivirus or Firewall you have active, as shown in this topic. Please close all open application windows.*Only* when the 2 items above (Step 3) have been taken care of...

Drag the CFScript.txt (icon) into the ComboFix.exe icon... as seen in the image below:This will cause ComboFix to run again.Do Not use your keyboard or mouse click anywhere in the ComboFix window, as this may cause the program to stall or crash. Do Not touch your computer when ComboFix is running!

When finished ComboFix will create a log file... you can save this file to a convenient place.

Please copy/paste the ComboFix log file in your next reply.

Step 3 (you should still have FRST on the flashdrive, if not you need to download it to the usb again)Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

I am sorry i couldn't reply early since I was traveling on the 1st of August.

I uninstalled all you had asked for

Combo fix log

I attached below since it crossed the word limit

Malwarebytes Quick Scan:No threat found

Hey i didn't do the other updates since they were large files[/color]Problem 1: Can I reinstall Hitman becoz i love that game!!!!PLSProblem2: Can i delete the viruses found in Avast Virus vault.I don't like keeping them on my PC {Files found in FRST quarantine Example: services.exe(Siref)}

You do not have the required permissions to view the files attached to this post.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.